"Nitro's ability to meet feature demands, coupled with its super fast NitroEDB data management engine on the back end put it in a unique position among SIEM vendors"
— Paul Roberts, Analyst, the 451 Group
 


 
 

Next Webcasts:

Accelerating the Adoption of EHR
September 14, 2010 at 9am ET

Successful electronic health record (EHR) systems must be built with the right technology to ensure you meet meaningful user requirements and keep patient data both private and secure. But time is running out to implement the technology infrastructure that will be needed.

This free virtual seminar is designed to help you demystify the EHR selection and adoption process so that you can meet time-sensitive mandates, qualify for full incentive payments, ensure effective privacy and security and avoid costly penalties.

- Register -

Keys to Selecting SIEM & Log Management
September 21, 2010 at 2pm ET

Securing today's networks and meeting compliance requirements are dual challenges faced by every IT team. Bad things are happening much faster, as new exploits are discovered, 'weaponized', and distributed to the world within hours. Compliance audits take too long and security teams never look as good as they should, because they generally can't prove what they are doing.

SIEM & log management tools can address these needs. Ask any security practitioner about their holy grail and the answer is twofold: they want one alert specifying exactly what is broken, on just the relevant events, with the ability to learn the extent of the damage. They need to pare down billions of events into actionable information.

Presenters:

Adrian Lane, Analyst/CTO, Securosis

Michael Leland, CTO, NitroSecurity

- Register -


Past Webcasts:

Detecting Advanced Threats and Malware with SIEM
August 12, 1pm ET

While many organizations have deployed security information and event management (SIEM) solutions to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows, SIEMs can uncover a range of diverse "low and slow" attacks. With threats moving rapidly "up the stack", advanced SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.

In this presentation we'll cover technologies, techniques and best practices for effective threat detection and timely incident response using high performance SIEM systems.

Presenters:

Jeremy Conway, Senior Security Analyst, NitroSecurity

Dave Shackleford, Director of Security Assessments and Risk & Compliance,
Sword & Shield Enterprise Security

- Replay the Webcast -

- Download the Slides (5.5MB) -

The Emergence of Content Aware SIEM
July 27, 1pm ET

Content Aware SIEM is a new generation of Security Information and Event Management (SIEM) solutions that now have visibility into network flows, database sessions and application layer data and can combat insider threats, data loss, fraud and advanced persistent threats.

Without content awareness, current SIEMs are only able to act upon the surface details provided by event logs. This limits the effectiveness of SIEM for threat detection, incident response, and compliance reporting because the data being analyzed lacks needed context and content to make informed, relevant decisions.

Presenters:

Mel Shakir, Chief Technology Officer, NitroSecurity

Mel Shakir serves the office of the CTO at NitroSecurity where he brings over 15 years of experience in software development & management, information security and database technologies. He is responsible for developing and implementing NitroSecurity's overall technology vision and roadmap, including next generation application and database security management solutions.

Previously, Mel architected and developed advanced database security solutions as CTO of Rippletech, which was acquired by NitroSecurity in 2008. He founded Incache in 2004, where he served as CTO, which was acquired by Rippletech in 2006. Prior to Incache, Mel managed a database practice at Goldman Sachs.

Mel received his Bachelor's degree in Electrical Engineering from the University of Bombay and Master of Science in Electric Power Engineering from Rensselaer Polytechnic Institute (RPI) in Troy, NY.

- Replay the Webcast -

- Download the Slides (8.5MB) -

Detecting Dangerous PDFs and Application Layer Threats
July 22, 2pm ET

Malware making use of PDF files is one of many complex threats that are “moving up the stack” to exploit vulnerabilities at the application and session layers. Visibility into the contents of applications, documents and protocols is needed to capture critical data to detect and remediate these advanced threats.

Learn how new application monitoring technology provides full decode of application data and meta-data to uncover anomalies and violations leading to increased risk, fraud and data loss. Analyzing this data with a security information and event management (SIEM) system gives security analysts a more comprehensive view of their threat environment.

During this webcast, attendees will learn about:

  • Details of PDF structural flaws and exploit methods;
  • Common PDF obfuscation techniques utilized by attackers;
  • The complexity in analyzing PDF attacks with common toolsets;
  • Current and future PDF infection processes utilized by advanced attackers; and
  • Detecting these attacks with new application layer monitoring technologies

Presenters:

Mel Shakir, Chief Technology Officer, NitroSecurity

Jeremy Conway, Senior Security Analyst, NitroSecurity

- Replay the Webcast -

- Download the Slides (3.7MB) -

Automating Compliance and Security with SIEM at the Bank of China
June 23, July 8, July 22

Bank of China

Faced with ever increasing compliance requirements and relentless cyber threats and attacks, the Bank of China in New York needed to automate network security to make its IT staff more effective and efficient.

Advanced security information and event management (SIEM) technology readily addresses both the scheduled monitoring and reporting needs of compliance officers and the real-time analysis and response demands of security operations center analysts. Pragmatic approaches to the implementation and operation of SIEM solutions can quickly bring these powerful solutions online and deliver actionable intelligence that reduces risk.

Presenters:

Mel Shakir, Chief Technology Officer, NitroSecurity

Kostas Georgakopoulos, VP & Head of Information Security, Bank of China, USA

- Replay the Webcast -

NERC CIP Best Practices Series -- Part 1 of 2
June 22, 2pm ET

In the first installment of our NERC CIP "Best Practices" webcast series, we'll be discussing the challenges faced in securing industrial control systems.

NERC CIP compliance is intended to assure that control systems are adequately secured against cyber attacks. However, adequately protecting SCADA and DCS environments can prove challenging. This webcast will focus on what point security and monitoring products are available for control system "defense in depth", when they should be used, and why.

The agenda includes:

  • Building a solid Electronic Security Perimeter
  • Establishing secure enclaves: what lives inside the ESP, and what should or shouldn't be allowed to cross it?
  • Monitoring inside the ESP using passive network monitoring
  • Monitoring cyber assets directly using host-based defenses
  • Bringing it all together: central analysis and correlation

While this webcast focuses on implementing cyber defenses, the security and event logs generated by these defenses are a requirement for NERC CIP compliance efforts as well. Join us for Part 2 of our NERC CIP "Best Practices" webcast series to learn more about event collection and retention, log review, and NERC CIP compliance.

Presenters:

Mohan Ramanathan, Solutions Architect for Critical Infrastructure

Eric Knapp, VP Technology Marketing, NitroSecurity

- Replay the Webcast -

- Download the Slides (1.8MB) -

NERC CIP Best Practices Series -- Part 2 of 2
June 24, 2pm ET

In the second installment of our NERC CIP "Best Practices" webcast series, we'll cover how the security and event logs collected as part of your cyber defenses (covered in part 1) can be leveraged for your compliance efforts.

The agenda will include:

  • Determining which logs need to be retained, and how to obtain them
  • The fundamentals of log collection and retention
  • Applying context to logs to provide relevance to you and your auditor
  • How logs should be reviewed, and by whom
  • Producing comprehensive NERC CIP compliance reports
  • Ongoing NERC CIP assessment for sustainable compliance

While this webcast focuses on meeting NERC CIP compliance, it's also important to understand how to implement the underlying cyber defenses that NERC is intending to ensure. Part 1 of our NERC CIP "Best Practices" webcast series explains what point security and monitoring products are available for control system "defense in depth", when they should be used, and why.

Presenters:

Matthew Luallen, Co-Founder, Encari

Eric Knapp, VP Technology Marketing, NitroSecurity

- Replay the Webcast -

- Download the Slides (1.3MB) -

Detecting Dangerous PDFs and Application Layer Threats
May 25, 2pm ET

SC Magazine

Malware making use of PDF files is one of many complex threats that are "moving up the stack" to exploit vulnerabilities at the application and session layers. Visibility into the contents of applications, documents and protocols is needed to capture critical data to detect and remediate these advanced threats.

Learn how new application monitoring technology provides full decode of application data and meta-data to uncover anomalies and violations leading to increased risk, fraud and data loss. Analyzing this data with a security information and event management (SIEM) system gives security analysts a more comprehensive view of their threat environment.

Presenters:

Mel Shakir, Chief Technology Officer, NitroSecurity

Jeremy Conway, Product Manager, NitroSecurity

- Replay the Webcast -

- Download the Slides (3.7MB) -

Making log data actionable through SIEM integration
Apr 29, 2pm ET

Security Warrior

Log data collected to meet compliance requirements can be used to increase security as well. If effectively combined with event, activity and flow data, logs contribute to effective threat detection and incident response. A deeply integrated, high performance SIEM and log management solution is required to provide the real-time correlation and analysis needed to make log data actionable.

Join Anton Chuvakin, Founder and Principal of Security Warrior, and Eric Knapp, VP Technology Marketing, to learn about best practices for log management and analysis and the integrated SIEM-log management solutions available today.

Presenters:

Dr. Anton Chuvakin, Founder and Principal of Security Warrior

Eric Knapp, VP Technology Marketing, NitroSecurity

- Replay the Webcast -

- Download the Slides (3.5MB) -

Automating Security & Compliance with SIEM at Dallas-Fort Worth Hospital Council
Apr 8, 2pm ET

HIMSS

Relentless cyber-threats and increasing compliance requirements can overwhelm the existing processes used by hospital IT staffs. New security information and event management (SIEM) solutions automate threat detection, enable rapid incident response and simplify compliance reporting.

Understand the powerful capabilities of new SIEM technologies and how Dallas-Fort Worth Hospital Council has leveraged SIEM to make their IT team more effective and efficient.

Presenters:

Mel Shakir, CTO, NitroSecurity

Dwight Carter, CIO, Dallas-Fort Worth Hospital Council

- Download the Slides (4.7MB) -

- Replay the Webcast -

- Podcast Excerpt -

Database Monitoring — Beyond Compliance to Proactive Information Protection
Apr 7, 1pm ET

SANS Institute

Database Activity Monitoring (DAM) plays an important part in various regulatory compliance mandates by monitoring and logging all database activity to ensure that sensitive data is being accessed appropriately, and by the right people. But DAM can also play a vital role in incident response processes. When tightly integrated within an enterprise security management platform, database monitoring provides valuable context that can be used to actively protect your network from data loss and fraud.

Presenter:

Mel Shakir, CTO, NitroSecurity

Mehlam (Mel) Shakir serves the office of the CTO at NitroSecurity where he brings over 15 years of experience in software development & management, information security and database technologies. He is responsible for developing and implementing NitroSecurity's overall technology vision and roadmap, including next generation application and database security management solutions.

- Download the Slides (5.4MB) -

- Replay the Webcast -

State Privacy Laws, National Reach: How to Avoid Becoming a Case Study for Non-Compliance
Mar 23, 2pm ET

Ponemon Institute

With special guest presenter Mike Spinney

As more states adopt privacy laws to protect their residents' personal information, the scope of these laws is evolving in significant ways. No longer just data breach notification requirements, today's laws mandate that companies take preventative measures to secure sensitive data. On March 1, 2010, MA 201 CMR 17 was the first in the nation to require specific technologies for the protection of personal information.

Join Mike Spinney, Senior Privacy Analyst at the Ponemon Institute, and Michael Leland, CTO of NitroSecurity, to learn how Massachusetts and other states are driving this evolution, the technology requirements for compliance, and how to prepare your organization for success.

Presenters:

Mike Spinney, Senior Privacy Analyst, Ponemon Institute

Michael Leland, CTO, NitroSecurity

- Download the Slides (4.1MB) -

- Replay the Webcast -

Combining Privacy & SIEM Systems for Comprehensive Risk Management
Mar 16, 2pm ET

HIMSS

Patient privacy and information security can be separate, siloed responsibilities within healthcare providers, with distinct teams focused on their respective missions, challenges and tools. Privacy incidents, like electronic medical record snooping, clinical system compromise, and identity theft, can be early indicators of more pervasive behavior. This can impact compliance or, worse, be the first clues of undiscovered cyber-attacks that can threaten all clinical, operational and administrative systems.

Integrating privacy solutions and security information management systems (SIEM) can provide the real-time visibility and analysis needed by both privacy officers and security analysts to create a common platform for delivering more comprehensive early warning systems. Join Mel Shakir, CTO of NitroSecurity, and Kurt Long, CEO and Founder of FairWarning, to understand system architectures and implementation approaches available today to reduce risk through effective privacy and SIEM integration.

Presenter:

Mel Shakir, CTO of NitroSecurity

- Download the Slides (10.5MB) -

- Replay the Webcast -

Tool Talk: Identifying and Understanding Advanced Persistent Threats

SANS Institute

Advanced Persistent Threats (APT) are goal-oriented attacks carried out against a defined target in a very structured manner without the restrictions of time. The underlying goal for an APT attacker is to go undetected for as long as possible, while stealing as much information as possible. APT attackers are typically highly sophisticated and organized groups that have traditionally focused on defense, research and financial organizations, and are looking for new targets. In many cases APT attacks are the exact same attacks used by opportunistic attackers and malicious application developers. The key differentiator is the persistence of an APT attacker. The goal for this presentation is to define what APTs are and explore methodologies that can aid in identifying, tracking, and differentiating APT-style attacks.

Presenter:

Jeremy Conway, Product Manager, NitroSecurity

- Replay the Webcast -

SC Magazine Webinar: Content Aware SIEM

SC Magazine

The original Security Event Managers (SEM) started by supporting IDS logs. Bringing in other third-party logs grew the SEM into a Security Information Management (SIM), which then evolved further to incorporate contextual information from other sources such as VA and IAM tools, finally becoming what we refer to today as a "Security Information and Event Management" system, or SIEM. Each evolution increased the event load placed on the system, in how fast events or logs needed to be collected, how much storage was required to support data retention over time, and how quickly the data could be analyzed and accessed, in order to produce actionable information.

With SIEM evolving once more -- this time to become aware of application and protocol content -- the strain of information management is being seen again. Learn how to gain new visibility into what's happening on your network, by collecting and correlating diverse event data, logs and now content information, and the benefits you'll receive from implementing a true Content Aware SIEM.

Presenters:

Dr. Anton Chuvakin, Founder and Principal of Security Warrior

Eric Knapp, VP Technology Marketing, NitroSecurity

- Replay the Webcast -

Special Webcast with Jon Oltsik, ESG - The New Security Management Model

SANS Institute

Driven by regulatory compliance and security event correlation, most large organizations have deployed a Security Information and Event Management (SIEM) system over the past few years. Does this mean that they are adequately protected? ESG does not believe so. Ominous security threats and a rash of publicly-disclosed data breaches certainly place an intense strain on many legacy security management tools and ESG believes this is just the tip of the iceberg.

Presenters:

Jon Oltsik, Principal Analyst, ESG

Michael Leland, CTO, NitroSecurity

- Replay the Webcast -

Dark Reading & BlackHat Special Virtual Event  - replay on demand -

IT Security: The Next Decade

Black Hat, Dark Reading

InformationWeek's Dark Reading and Black Hat come together for their first-ever virtual event, exploring the most dangerous threats of the next ten years - and what you can do today to protect your enterprise from them.

As we come to the end of the first decade in the new millennium, the IT industry faces some of the greatest security challenges in its history. In fact, 2009 saw more breaches, more malware, and more zero-day exploits than any year before.

At that rate, what will security be like ten years from now? What threats and challenges will the new decade bring?

If questions like this make you feel like your head is about to explode, don't worry - there is a way to get some perspective on the future - by attending "IT Security: The Next Decade," a first-ever virtual event that combines the in-depth expertise of three of the industry's best-known security resources: Black Hat, InformationWeek, and Dark Reading.

SANS Webinar: Content Aware SIEM

SANS Institute

The original Security Event Managers (SEM) started by supporting IDS logs. Bringing in other third-party logs grew the SEM into a Security Information Management (SIM), which then evolved further to incorporate contextual information from other sources such as VA and IAM tools, finally becoming what we refer to today as a "Security Information and Event Management" system, or SIEM. Each evolution increased the event load placed on the system, in how fast events or logs needed to be collected, how much storage was required to support data retention over time, and how quickly the data could be analyzed and accessed, in order to produce actionable information.

With SIEM evolving once more -- this time to become aware of application and protocol content -- the strain of information management is being seen again. Learn how to gain new visibility into what's happening on your network, by collecting and correlating diverse event data, logs and now content information, and the benefits you'll receive from implementing a true Content Aware SIEM.

Presenters:

Dr. Anton Chuvakin, Founder and Principal of Security Warrior

Eric Knapp, VP Technology Marketing, NitroSecurity

- Replay the Webcast -

Budgeting for SIEM in 2010? - What You Need To Know

Adding SIEM to meet compliance requirements and increase security is a smart move. But with budgets tight, how do you determine the right solution for your organization? Learn the latest trends in SIEM technology and understand the key capabilities that matter most to your organization, so you can avoid fines, minimize the impact of threats and vulnerabilities and put time back in your day.

Presenters:

Jerry Skurla, EVP Marketing, NitroSecurity

Eric Knapp, VP Technology Marketing, NitroSecurity

- Download the Slides (4.6MB) -

- Replay the Webcast -

WhiteHat World "Thought Leadership Roundtable": HIPAA Security

WhiteHat World

A roundtable discussion on HIPAA Security between panelists:

Michael Leland, NitroSecurity

Mark Seward, LogLogic

Reed Henry, ArcSight

Moderator: Rich Mogull, Securosis

- Replay the Webcast -

SANS Webinar: Protecting the Power

SANS Institute

Power utilities present a unique security challenge. As we begin to converge what were historically three separate networks—one for communication, one for data monitoring (SCADA), and one for process control (PCS)—we increase efficiency ... but at the cost of security? Learn how to overcome the inherent difficulties in securing the modern digital utility infrastructure through central monitoring and correlation of all three networks.

Presenters:

Matthew E. Luallen, Certified SANS and Cisco Instructor, Co-Founder, Encari

Eric D. Knapp, VP Technology Marketing, NitroSecurity

- Replay the Webcast -

WhiteHat World "Thought Leadership," The Evolution of SIEM, Cutting Through the Noise to Meet Customer Needs -replay on demand-

WhiteHat World

A roundtable discussion between panelists: Michael Leland of NitroSecurity; Reed Henry, ArcSight; Don MacLennan, RSA; Mark Seward, LogLogic; and Tracy Hulver, netForensics.

SANS Webinar: Securing our Utilities: Understanding NERC CIP -replay on demand-

SANS Institute

Matthew E. Luallen consults with both governmental and commercial sectors, including a multi-client base of public utilities and other power market organizations, national laboratories, financial institutions, and law enforcement. He has written, consulted and trained extensively on process control and SCADA security issues. He worked with utilities and regional reliability organizations on compliance with first the NERC 1200 standard, and in recent years with NERC CIP. For NERC CIP, he has performed gap analyses and developed and implemented remediation strategies across all of the standards and a wide variety of Critical Cyber Assets.

SANS Webinar: Zero-Day Correlation Part II — In Depth Demo -replay on demand-

SANS Institute

Our recent webinar on Zero-Day Correlation was so popular, and there were so many questions, that we're performing a follow up event that will focus solely on using NitroView to detect threats, build correlation rules, and provide notifications when threats occur ... or when suspicious behavior occurs that might indicate a new threat is in process.

SANS Webinar: Zero-Day Correlation Part I — Correlation Techniques -replay on demand-

SANS Institute

How real-time analysis and anomaly detection tools are used by security professionals to discover new threats as they are occurring, create appropriate taxonomies based on these new threats, and then recursively check historical events to see if the network was put at risk in the days before the threat was known.

SANS Webinar: Benchmarking SIEM -replay on demand-

SANS Institute

Speed, capacity, accuracy and other benchmarks are common for encryption, packet inspection, assessment, alerting and other security tools. This Webcast discusses how to similarly apply benchmarks to Security Information Event Management (SIEM) systems and introduces the release of our SANS Analysts Program white paper, "Benchmarking SIEM."





 
